Comments and answers are inline.
Am 04.03.2016 um 21:02 schrieb Andrés Garagiola:
> I'm seeing a few examples where after create keys it are validated.
> What is the reason to do it?
To ensure you actually loaded genuine keys that haven't been damaged
since last use and to ensure that everything is operational.
> What kind of problem without validate the keys?
You may have loaded keys that are weakly structured in an obvious manner
or that have otherwise been altered, for example through standard HDD
errors.
>
> bool GeneratePublicKey( const ECDSA<ECP, SHA1>::PrivateKey&
> privateKey, ECDSA<ECP, SHA1>::PublicKey& publicKey )
> {
> AutoSeededRandomPool prng;
>
> // Sanity check
> assert( *privateKey.Validate( prng, 3 )* );
>
> privateKey.MakePublicKey(publicKey);
> assert( *publicKey.Validate( prng, 3 )* );
>
> return*publicKey.Validate( prng, 3 );*
> }
>
> What's means the level?
This is explained at
https://www.cryptopp.com/wiki/Keys_and_formats#Validating_Keys
To quote the wiki here:
0: using this object [key] won't cause a crash or an exception (RNG
parameter is ignored)
1: this object [key] will probably function (encrypt, sign, ...)
correctly (but may not check for weak keys and such)
2: make sure this object [key] will function correctly and perform
reasonable security checks
3: do checks that may take a long time
made-up Example: RSA private key
0: All required values are available and the integer classes work
1: textbook encrypting and decrypting yielded the correct result (or
something similar)
2: ensure that all values are actually correct, like that the primes are
actually prime and that the order is co-prime to e
3: Do the primality checks with much more miller-rabin rounds.
>
> I'm looking this wiki page
> https://www.cryptopp.com/wiki/Elliptic_Curve_Digital_Signature_Algorithm
> but the explanation about validation is not included with the examples.
>
> Regards
> --
> --
> You received this message because you are subscribed to the "Crypto++
> Users" Google Group.
> To unsubscribe, send an email to
> [email protected].
> More information about Crypto++ and this group is available at
> http://www.cryptopp.com.
> ---
> You received this message because you are subscribed to the Google
> Groups "Crypto++ Users" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to [email protected]
> <mailto:[email protected]>.
> For more options, visit https://groups.google.com/d/optout.
--
--
You received this message because you are subscribed to the "Crypto++ Users"
Google Group.
To unsubscribe, send an email to [email protected].
More information about Crypto++ and this group is available at
http://www.cryptopp.com.
---
You received this message because you are subscribed to the Google Groups
"Crypto++ Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
